10496818

Systems and Methods for Software Security Scanning Employing a Scan Quality Index

Published: December 3, 2019
Assignee: not available in USPTO data

Patent Claims
13 claims

Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.

Claim 1

Original Legal Text

1. A method for software security scanning employing a scan quality index, comprising: a server comprising at least one computer processor receiving an identification of a computer program for security scanning; the server executing a security scan on the computer program and generating a log file comprising results of the security scan, wherein the log file comprises at least one of an error and a warning generated by the security scan; the server executing a scan quality index tool that generates a scan quality index score by analyzing the at least one error and a warning in the log file with a database comprising a configuration file identifying known error types and warning types, where the scan quality tool assigns a weighting to each error or warning based on whether each error or warning is a known error type or a known warning type, and wherein the scan quality index score represents a quality of the security scan; and the server outputting the scan quality index score.

Plain English Translation

This invention relates to software security scanning and addresses the challenge of assessing how trustworthy the results of a security scan are. A server with at least one computer processor receives an identification of a computer program to be scanned. It runs a security scan on the program and produces a log file that records the errors and warnings the scanner itself emitted while running. A scan quality index tool then checks each logged error or warning against a database holding a configuration file of known error types and warning types, and assigns each one a weighting depending on whether it is a known error type or a known warning type. From these weightings it produces a scan quality index score, which the server outputs. The score represents the quality of the scan itself, not the security of the program: a scan that ran with parse failures, timeouts or unfamiliar warnings may have missed real vulnerabilities, and the index gives users a standardized way to judge how much confidence the scan results deserve.

Claim 2

Original Legal Text

2. The method of claim 1, further comprising: the server preventing release of the computer program when the scan quality index score is below a predetermined value.

Plain English Translation

This claim adds a release gate to the method of claim 1. After the scan quality index score has been computed, the server compares it with a predetermined value; if the score is below that value, the server prevents the computer program from being released. Because the index measures the quality of the scan rather than the program, the gate stops software from shipping on the strength of a scan that was too incomplete or error-prone to be trusted, and it forces the scan to be repaired or rerun before release can proceed.

Claim 3

Original Legal Text

3. The method of claim 1, wherein the identification of the computer program is received with the computer program is checked in to a production database.

Plain English Translation

This claim ties the start of the method of claim 1 to a check-in event: the identification of the computer program is received when the program is checked in to a production database. In other words, the act of checking a program into the production database is what supplies the scanning server with the program to scan, so that every program entering the production database goes through the security scan and scan quality assessment described in claim 1. The identification may carry the metadata that a check-in normally records, such as a name, version or author, which the server then uses to locate and scan the program.

Claim 4

Original Legal Text

4. The method of claim 1, wherein the identification further comprises an identification of one or more dependency associated with the computer program.

Plain English Translation

A system and method for analyzing computer programs identifies dependencies associated with the program to improve software management. The technology addresses the challenge of tracking and managing software dependencies, which are critical for ensuring compatibility, security, and efficient deployment. Dependencies refer to external libraries, modules, or services that a computer program relies on to function correctly. By identifying these dependencies, the system helps developers and administrators understand the program's requirements, resolve conflicts, and maintain system stability. The method involves scanning the computer program to detect and catalog its dependencies. This includes analyzing the program's source code, configuration files, and runtime environment to identify required libraries, frameworks, or other software components. The system may also determine the versions of these dependencies, ensuring compatibility with the program's specifications. Additionally, the method may track transitive dependencies, which are dependencies of dependencies, to provide a comprehensive view of the program's software ecosystem. By identifying and documenting these dependencies, the system enables better software management, reducing errors during deployment and improving maintenance. This approach is particularly useful in large-scale software environments where multiple programs interact, ensuring that all required components are available and correctly configured. The method supports automated dependency resolution, dependency conflict detection, and dependency version management, enhancing the overall reliability and efficiency of software development and deployment processes.

Claim 5

Original Legal Text

5. The method of claim 1, wherein the log file identifies at least a number of errors and a number of warnings generated by the security scan.

Plain English Translation

A system and method for analyzing security scan results involves processing log files generated during security scans of computer systems. The log files contain data about vulnerabilities, errors, and warnings detected during the scan. The method includes extracting and categorizing this data to provide a structured analysis of security risks. Specifically, the log file identifies the number of errors and warnings generated by the security scan, allowing for quantitative assessment of potential security issues. The system may further process this data to prioritize vulnerabilities based on severity, frequency, or other criteria, enabling more efficient remediation. The method ensures that security teams can quickly identify critical issues and allocate resources effectively. The approach improves security monitoring by providing actionable insights from raw scan data, reducing the time and effort required to interpret and address vulnerabilities. This solution is particularly useful in environments where multiple security scans are performed regularly, generating large volumes of log data that must be analyzed systematically.

Claim 6

Original Legal Text

6. The method of claim 1, wherein the scan quality index score is weighted based on a number of executable lines of code in the computer program.

Plain English Translation

A method for evaluating the quality of a software scan involves calculating a scan quality index score that is adjusted based on the size of the computer program being analyzed. The scan quality index score is derived from multiple factors, including the detection of vulnerabilities, code complexity, and adherence to coding standards. The method further refines this score by applying a weighting factor that corresponds to the number of executable lines of code in the program. This adjustment ensures that the scan quality assessment accounts for the program's size, providing a more accurate and scalable evaluation. The approach helps developers and security teams prioritize remediation efforts by identifying high-risk areas in large codebases while maintaining proportional relevance to the program's overall structure. By incorporating code size as a weighting factor, the method improves the reliability of scan quality assessments, particularly in complex or extensive software projects.
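The scoring pipeline that claims 1, 2, 5 and 6 describe (and that claims 8, 9, 12 and 13 restate as a system) can be shown end to end in a few dozen lines. The following is an added example written for this page, not the patent's own implementation or any vendor's scanner. The scanner log format, the layout of the configuration "file" of known error and warning types, the individual weights, the normalisation per thousand executable lines of code and the release threshold are all assumptions; the log lines are constructed.

```python
"""Scan quality index (SQI) computed from a security scanner's own log.

Added illustrative code, not the patent's implementation. Log format,
configuration layout, weights, per-KLOC normalisation and the release
threshold are assumptions made for this example.
"""
import re
from dataclasses import dataclass

# Constructed sample scanner log, in an assumed "LEVEL CODE: message" format.
# These are messages the scanner emitted about its own run, not findings
# about the program: the index measures scan quality, not program security.
SAMPLE_LOG = """\
INFO  SCAN-START: scanning acme-payments 1.4.2
WARN  W-UNRESOLVED-DEP: could not resolve dependency 'libfoo'
ERROR E-PARSE: parse error in src/legacy/Form.java
WARN  W-DEPRECATED-RULE: rule R123 is deprecated
ERROR E-TIMEOUT: analysis of src/Big.java exceeded time limit
WARN  W-ZZZ-UNKNOWN: something the scanner has never said before
INFO  SCAN-END: 2 errors, 3 warnings
"""

# Assumed configuration file contents: known error and warning types with a
# calibrated penalty each. Unknown types get a larger default penalty because
# nobody has triaged what they mean for the completeness of the scan.
KNOWN_ERROR_TYPES = {"E-PARSE": 5.0, "E-TIMEOUT": 8.0}
KNOWN_WARNING_TYPES = {"W-UNRESOLVED-DEP": 3.0, "W-DEPRECATED-RULE": 0.5}
UNKNOWN_ERROR_WEIGHT = 10.0
UNKNOWN_WARNING_WEIGHT = 4.0

LOG_LINE = re.compile(r"^(ERROR|WARN)\s+([A-Z0-9-]+):\s*(.*)$")
SUMMARY_LINE = re.compile(r"SCAN-END:\s*(\d+) errors?, (\d+) warnings?")


@dataclass
class Finding:
    level: str      # "ERROR" or "WARN"
    code: str       # scanner message type, e.g. "E-PARSE"
    message: str
    known: bool     # whether the type appears in the configuration
    weight: float   # penalty applied to the index


def parse_log(text):
    """Extract every error and warning line and weight it via the config."""
    findings = []
    for line in text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue  # INFO lines and unparseable lines carry no penalty
        level, code, message = m.groups()
        if level == "ERROR":
            known = code in KNOWN_ERROR_TYPES
            weight = KNOWN_ERROR_TYPES.get(code, UNKNOWN_ERROR_WEIGHT)
        else:
            known = code in KNOWN_WARNING_TYPES
            weight = KNOWN_WARNING_TYPES.get(code, UNKNOWN_WARNING_WEIGHT)
        findings.append(Finding(level, code, message, known, weight))
    return findings


def count_errors_and_warnings(findings):
    """The counts that claims 5 and 12 require the log to identify."""
    errors = sum(1 for f in findings if f.level == "ERROR")
    warnings = sum(1 for f in findings if f.level == "WARN")
    return errors, warnings


def log_is_consistent(text, findings):
    """Cross-check the scanner's own summary line against the parsed lines.
    A mismatch (or a missing summary) suggests a truncated or corrupted log,
    which is itself a reason to distrust the scan."""
    m = SUMMARY_LINE.search(text)
    if not m:
        return False
    return (int(m.group(1)), int(m.group(2))) == count_errors_and_warnings(findings)


def scan_quality_index(findings, executable_loc):
    """Score in [0, 100]; 100 means the scan ran without any error or warning.

    The total penalty is normalised per 1000 executable lines (one reading of
    claims 6 and 13), so that a large program is not marked down simply for
    producing more scanner noise in absolute terms."""
    if executable_loc <= 0:
        raise ValueError("executable_loc must be positive")
    penalty = sum(f.weight for f in findings)
    normalised = penalty / (executable_loc / 1000.0)
    return max(0.0, 100.0 - normalised)


def release_allowed(score, threshold=80.0):
    """The release gate of claims 2 and 9: block when the index is too low."""
    return score >= threshold


if __name__ == "__main__":
    found = parse_log(SAMPLE_LOG)
    errs, warns = count_errors_and_warnings(found)
    for loc in (5000, 500):
        sqi = scan_quality_index(found, loc)
        print(f"{errs} errors, {warns} warnings, {loc} LOC -> SQI {sqi:.1f}, "
              f"release {'allowed' if release_allowed(sqi) else 'blocked'}")
```

With the constructed log, the same five scanner messages give an index of 95.9 for a 5000-line program but 59.0 for a 500-line program, so the release gate at 80 passes the first and blocks the second. The unknown warning type `W-ZZZ-UNKNOWN` costs more than any known warning, which is the point of keeping the configuration of known types: unreviewed scanner output should lower confidence until someone classifies it.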

Claim 7

Original Legal Text

7. The method of claim 1, further comprising: saving the scan quality index score in a database.

Plain English Translation

This claim adds a storage step to the method of claim 1: once the scan quality index score for a software security scan has been generated, the server saves it in a database. Persisting the score lets it be looked up later for the program and scan it belongs to, compared with the scores of earlier or later scans of the same program, and used in reporting or audit trails, so that trends in scan quality can be tracked over time rather than being lost once the scan completes.

Claim 8

Original Legal Text

8. A system for software security scanning employing a scan quality index, comprising: a server comprising at least one computer processor executing a security scanning engine and a scan quality index tool; a database comprising a configuration file identifying known error types and warning types; a production database comprising a computer program; wherein: the security scanning engine receives an identification of the computer program for security scanning; the security scanning engine executes a security scan on the computer program and generates a log file comprising results of the security scan, wherein the log file comprises at least one of an error and a warning generated by the security scan; and the scan quality index tool generates a scan quality index score by analyzing the at least one error and a warning in the log file with the configuration file, where the scan quality tool assigns a weighting to each error or warning based on whether each error or warning is a known error type or a known warning type, and wherein the scan quality index score represents a quality of the security scan.

Plain English Translation

This system addresses the challenge of assessing the effectiveness and reliability of software security scans by introducing a scan quality index. The system includes a server with a security scanning engine and a scan quality index tool, along with a database containing a configuration file that defines known error and warning types. A separate production database stores the computer program to be scanned. The security scanning engine identifies the target program, performs a security scan, and generates a log file containing errors and warnings detected during the scan. The scan quality index tool then evaluates these errors and warnings against the configuration file, assigning weights to each based on whether they match known error or warning types. The tool calculates a scan quality index score, which quantifies the scan's quality by reflecting the relevance and severity of the detected issues. This approach ensures that security scans are not only comprehensive but also accurately prioritize critical vulnerabilities, improving overall software security assessment.

Claim 9

Original Legal Text

9. The system of claim 8, wherein the scan quality index tool prevents release of the computer program when the scan quality index score is below a predetermined value.

Plain English Translation

A system for evaluating the quality of computer program scans is disclosed. The system addresses the problem of ensuring that only high-quality scanned computer programs are released for further processing or distribution. The system includes a scan quality index tool that analyzes the results of a computer program scan to generate a scan quality index score. This score quantifies the reliability or accuracy of the scan results. The system further includes a release control mechanism that prevents the release of the computer program if the scan quality index score falls below a predetermined threshold value. This ensures that only scans meeting a minimum quality standard are allowed to proceed, reducing the risk of errors or vulnerabilities being introduced into the released software. The system may also include a scanning module that performs the initial scan of the computer program, generating data that the scan quality index tool uses to compute the score. The predetermined threshold value can be adjusted based on the specific requirements of the application or the sensitivity of the computer program being scanned. This system is particularly useful in environments where software integrity and security are critical, such as in software development, cybersecurity, or compliance workflows.

Claim 10

Original Legal Text

10. The system of claim 8, further comprising: a user interface in communication with the server that receives the scan quality index score.

Plain English Translation

This claim adds a user interface to the system of claim 8. The user interface is in communication with the server and receives the scan quality index score that the scan quality index tool produced for the software security scan, so that a person can see the score for a given program and scan and judge whether the scan results can be relied upon before acting on them.

Claim 11

Original Legal Text

11. The system of claim 8, wherein the security scanning engine automatically scans the computer program when it is checked in to the production database.

Plain English Translation

A system for automated security scanning of computer programs in a production database environment. The system addresses the challenge of ensuring software security by integrating scanning directly into the development workflow, particularly when code is checked into a production database. The system includes a security scanning engine that automatically analyzes computer programs upon check-in, identifying vulnerabilities, malware, or other security risks before deployment. The scanning engine may use static or dynamic analysis techniques to evaluate the code, checking for known vulnerabilities, compliance with security policies, or adherence to coding best practices. The system may also include a database interface to monitor check-in events and trigger the scanning process, ensuring that all new or modified code is automatically assessed. Additionally, the system may generate reports or alerts for developers or administrators, highlighting detected issues and recommending remediation steps. The scanning engine may be configurable to support different programming languages, frameworks, or security standards, allowing customization based on organizational requirements. By automating the scanning process during check-in, the system reduces the risk of deploying insecure code and improves overall software security.

Claim 12

Original Legal Text

12. The system of claim 8, wherein the log file identifies at least a number of errors and a number of warnings generated by the security scan.

Plain English Translation

A system for monitoring and analyzing security scan results includes a log file that records the number of errors and warnings generated during a security scan. The system is designed to identify and track security vulnerabilities in software or network environments. The log file provides a structured way to document security issues, allowing for systematic review and remediation. The system may also include a scanning module that performs the security scan, detecting potential threats or compliance violations. The log file can be used to generate reports, track trends over time, and prioritize security fixes based on the severity of errors and warnings. By quantifying security issues, the system helps organizations assess their risk exposure and improve their security posture. The log file may be integrated with other security tools or databases to enhance threat detection and response capabilities. The system ensures that security vulnerabilities are documented and addressed efficiently, reducing the likelihood of breaches or unauthorized access.

Claim 13

Original Legal Text

13. The system of claim 8, wherein the scan quality index score is weighted based on a number of executable lines of code in the computer program.

Plain English Translation

A system for evaluating the quality of software scans analyzes computer programs to detect vulnerabilities or defects. The system generates a scan quality index score that quantifies the effectiveness of the scan, considering factors such as coverage, accuracy, and efficiency. To improve the relevance of this score, the system weights it based on the number of executable lines of code in the program. This weighting ensures that the score reflects the complexity and size of the software being analyzed, providing a more accurate assessment of scan quality. The system may also include components for performing the scan, identifying vulnerabilities, and generating reports. The weighted scan quality index helps developers prioritize remediation efforts by accounting for the scale of the codebase, ensuring that larger or more complex programs are evaluated proportionally. This approach enhances the reliability of security and quality assessments in software development.

Patent Metadata

Filing Date

Unknown

Publication Date

December 3, 2019

Inventors

Stuart G. Cox
Steven R. Rittmeyer
Thomas W. Richards


Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, FAQs, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “SYSTEMS AND METHODS FOR SOFTWARE SECURITY SCANNING EMPLOYING A SCAN QUALITY INDEX” (10496818). https://patentable.app/patents/10496818
